From: tb <tb@openbsd.org>
Date: Wed, 12 Jul 2023 08:54:18 +0000 (+0000)
Subject: Revert accidental addition of cofactor ECDH support
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=ee12b81e32d5e525882d07fe646baadaead19f5d;p=openbsd

Revert accidental addition of cofactor ECDH support

This snuck in with ech_key.c r1.33 because I committed from a dirty tree.
---

diff --git a/lib/libcrypto/ecdh/ecdh.c b/lib/libcrypto/ecdh/ecdh.c
index 0781c30e095..ecb849c135a 100644
--- a/lib/libcrypto/ecdh/ecdh.c
+++ b/lib/libcrypto/ecdh/ecdh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecdh.c,v 1.4 2023/07/07 13:54:45 beck Exp $ */
+/* $OpenBSD: ecdh.c,v 1.5 2023/07/12 08:54:18 tb Exp $ */
 /* ====================================================================
  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  *
@@ -151,7 +151,7 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh
     void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
 {
 	BN_CTX *ctx;
-	BIGNUM *cofactor, *x;
+	BIGNUM *x;
 	const BIGNUM *priv_key;
 	const EC_GROUP *group;
 	EC_POINT *point = NULL;
@@ -172,8 +172,6 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh
 
 	if ((x = BN_CTX_get(ctx)) == NULL)
 		goto err;
-	if ((cofactor = BN_CTX_get(ctx)) == NULL)
-		goto err;
 
 	if ((group = EC_KEY_get0_group(ecdh)) == NULL)
 		goto err;
@@ -191,18 +189,6 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh
 		goto err;
 	}
 
-	if ((EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) != 0) {
-		if (!EC_GROUP_get_cofactor(group, cofactor, NULL)) {
-			ECerror(ERR_R_EC_LIB);
-			goto err;
-		}
-		if (!BN_mul(cofactor, cofactor, priv_key, ctx)) {
-			ECerror(ERR_R_BN_LIB);
-			goto err;
-		}
-		priv_key = cofactor;
-	}
-
 	if (!EC_POINT_mul(group, point, NULL, pub_key, priv_key, ctx)) {
 		ECerror(EC_R_POINT_ARITHMETIC_FAILURE);
 		goto err;